Commit 9ded00c2 authored by tonu@x153.internalnet's avatar tonu@x153.internalnet

SSL stuff fix

parent 22dbb425
...@@ -62,7 +62,7 @@ public: ...@@ -62,7 +62,7 @@ public:
char *user,*password; char *user,*password;
ulong salt[2]; ulong salt[2];
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
char *ssl_type, *ssl_cipher, *ssl_issuer, *ssl_subject; char *ssl_type, *ssl_cipher, *x509_issuer, *x509_subject;
#endif #endif
}; };
...@@ -202,11 +202,14 @@ int acl_init(bool dont_read_acl_tables) ...@@ -202,11 +202,14 @@ int acl_init(bool dont_read_acl_tables)
update_hostname(&user.host,get_field(&mem, table,0)); update_hostname(&user.host,get_field(&mem, table,0));
user.user=get_field(&mem, table,1); user.user=get_field(&mem, table,1);
user.password=get_field(&mem, table,2); user.password=get_field(&mem, table,2);
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
user.ssl_type=get_field(&mem, table,17); DBUG_PRINT("info",("table->fields=%d",table->fields));
user.ssl_cipher=get_field(&mem, table,18); if (table->fields >= 21) {
user.ssl_issuer=get_field(&mem, table,19); user.ssl_type=get_field(&mem, table,17);
user.ssl_subject=get_field(&mem, table,20); user.ssl_cipher=get_field(&mem, table,18);
user.x509_issuer=get_field(&mem, table,19);
user.x509_subject=get_field(&mem, table,20);
}
#endif #endif
if (user.password && (length=(uint) strlen(user.password)) == 8 && if (user.password && (length=(uint) strlen(user.password)) == 8 &&
protocol_version == PROTOCOL_VERSION) protocol_version == PROTOCOL_VERSION)
...@@ -2422,28 +2425,28 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) ...@@ -2422,28 +2425,28 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user)
} }
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
/* SSL grant stuff */ /* SSL grant stuff */
DBUG_PRINT("info",("acl_user->ssl_type=%s",acl_user->ssl_type)); DBUG_PRINT("info",("acl_user->ssl_type=%s",acl_user->ssl_type));
DBUG_PRINT("info",("acl_user->ssl_cipher=%s",acl_user->ssl_cipher)); DBUG_PRINT("info",("acl_user->ssl_cipher=%s",acl_user->ssl_cipher));
DBUG_PRINT("info",("acl_user->ssl_subject=%s",acl_user->ssl_subject)); DBUG_PRINT("info",("acl_user->x509_subject=%s",acl_user->x509_subject));
DBUG_PRINT("info",("acl_user->ssl_issuer=%s",acl_user->ssl_issuer)); DBUG_PRINT("info",("acl_user->x509_issuer=%s",acl_user->x509_issuer));
if(acl_user->ssl_type) { if(acl_user->ssl_type) {
if(!strcmp(acl_user->ssl_type,"ssl")) if(!strcmp(acl_user->ssl_type,"ssl"))
global.append(" REQUIRE SSL",12); global.append(" REQUIRE SSL",12);
else if(!strcmp(acl_user->ssl_type,"x509")) else if(!strcmp(acl_user->ssl_type,"x509"))
{ {
global.append(" REQUIRE X509 ",14); global.append(" REQUIRE X509 ",14);
if(acl_user->ssl_issuer) { if(acl_user->x509_issuer) {
global.append("SUBJECT \"",9); global.append("SUBJECT \"",9);
global.append(acl_user->ssl_issuer,strlen(acl_user->ssl_issuer)); global.append(acl_user->x509_issuer,strlen(acl_user->x509_issuer));
global.append("\"",1); global.append("\"",1);
} }
if(acl_user->ssl_subject) { if(acl_user->x509_subject) {
global.append("ISSUER \"",8); global.append("ISSUER \"",8);
global.append(acl_user->ssl_subject,strlen(acl_user->ssl_subject)); global.append(acl_user->x509_subject,strlen(acl_user->x509_subject));
global.append("\"",1); global.append("\"",1);
} }
}
} }
}
#endif #endif
if (want_access & GRANT_ACL) if (want_access & GRANT_ACL)
global.append(" WITH GRANT OPTION",18); global.append(" WITH GRANT OPTION",18);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment